| Package | tomcat7 |
|---|---|
| Version | 7.0.56-3+really7.0.109-1+deb8u7 (jessie) |
| Related CVEs | CVE-2024-23672 |
A denial-of-service vulnerability was found in Tomcat 7, a Java based web server, servlet and JSP engine. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.
For Debian 8 jessie, these problems have been fixed in version 7.0.56-3+really7.0.109-1+deb8u7.
We recommend that you upgrade your tomcat7 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.